nmi_direct_post 0.2.0

data/lib/nmi_direct_post/logger.rb

@@ -0,0 +1,17 @@
+require "logger"
+
+module NmiDirectPost
+  class << self
+    def logger
+      @logger ||= defined?(::Rails.logger) ? Rails.logger : ::Logger.new(STDOUT)
+    end
+    def logger=(_)
+      raise ArgumentError, "NmiDirectPost logger must respond to :info and :debug" unless logger_responds(_)
+      @logger = _
+    end
+    private
+      def logger_responds(logger)
+        logger.respond_to?(:info) && logger.respond_to?(:debug)
+      end
+  end
+end

data/lib/nmi_direct_post/transaction.rb

@@ -0,0 +1,168 @@
+require_relative 'base'
+require_relative 'customer_vault'
+
+module NmiDirectPost
+  class TransactionNotFoundError < StandardError; end
+
+  class TransactionNotSavedError < StandardError; end
+
+  class Transaction  < Base
+    SAFE_PARAMS = [:customer_vault_id, :type, :amount]
+
+    attr_reader *SAFE_PARAMS
+    attr_reader :auth_code, :avs_response, :cvv_response, :order_id, :type, :dup_seconds, :condition
+    attr_reader :transaction_id
+
+    validates_presence_of :customer_vault_id, :amount, :unless => :'finding_by_transaction_id?', :message => "%{attribute} cannot be blank"
+    validates_presence_of :customer_vault, :unless => 'customer_vault_id.blank?', :message => "%{attribute} with the given customer_vault could not be found"
+    validates_inclusion_of :type, :in => ["sale", "auth", "capture", "void", "refund", "credit", "validate", "update", ""]
+    validates_exclusion_of :type, :in => ["validate", "auth", "capture", "void"], :if => :'customer_vault_is_checking?', :message => "%{value} is not a valid action for a customer vault that uses a checking account"
+    validates_numericality_of :amount, :equal_to => 0, :if => :'is_validate?', :message => "%{attribute} must be 0 when validating a credit card"
+    validates_numericality_of :amount, :greater_than => 0, :if => :'is_sale?', :message => "%{attribute} cannot be 0 for a sale"
+    validates_numericality_of :amount, :greater_than => 0, :if => :'is_auth?', :message => "%{attribute} cannot be 0 for an authorization"
+    validate :voidable_transaction?, :if => :is_void?
+    validate :persisted?, :if => :is_void?
+    validate :save_successful?, :unless => 'response_text.blank?'
+
+    def initialize(attributes)
+      super()
+      @type, @amount = attributes[:type].to_s, attributes[:amount].to_f
+      @transaction_id = attributes[:transaction_id].to_i if attributes[:transaction_id]
+      @customer_vault_id = attributes[:customer_vault_id].to_i if attributes[:customer_vault_id]
+      reload if (finding_by_transaction_id? && self.valid?)
+      @type, @amount = attributes[:type].to_s, attributes[:amount].to_f if ['void', 'capture'].include?(attributes[:type].to_s)
+    end
+
+    def save
+      void! if ('void' == type && condition.blank?)
+      return false if self.invalid?
+      _safe_params = safe_params
+      logger.info { "Sending Direct Post Transaction to NMI: #{_safe_params}" }
+      post([_safe_params, transaction_params].join('&'))
+      valid?.tap { |_| reload if _ }
+    end
+
+    def save!
+      save || raise(TransactionNotSavedError)
+    end
+
+    def self.find_by_transaction_id(transaction_id)
+      raise StandardError, "TransactionID cannot be blank" if transaction_id.blank?
+      NmiDirectPost.logger.debug { "Looking up NMI transaction by transaction_id(#{transaction_id})" }
+      begin
+        new(:transaction_id => transaction_id)
+      rescue TransactionNotFoundError
+        return nil
+      end
+    end
+
+    def pending?
+      'pendingsettlement' == condition
+    end
+
+    def cleared?
+      "complete" == condition
+    end
+
+    def failed?
+      "failed" == condition
+    end
+
+    def declined?
+      2 == response
+    end
+
+    def void!
+      @type='void'
+      if condition.blank?
+        return false if invalid?
+        reload
+        @type = 'void'
+      end
+      save
+    end
+
+    def customer_vault
+      @customer_vault ||= CustomerVault.find_by_customer_vault_id(@customer_vault_id) unless @customer_vault_id.blank?
+    end
+
+    def reload
+      get(transaction_params) if finding_by_transaction_id?
+      self
+    end
+
+    private
+      def safe_params
+        generate_query_string(SAFE_PARAMS)
+      end
+
+      def transaction_params
+        generate_query_string([AUTH_PARAMS, :transaction_id].flatten)
+      end
+
+      def get(query)
+        hash = self.class.get(query)["transaction"]
+        hash = hash.keep_if { |v| v['transaction_id'].to_s == self.transaction_id.to_s }.first if hash.is_a?(Array)
+        raise TransactionNotFoundError, "No transaction found for TransactionID #{@transaction_id}" if hash.nil?
+        @auth_code = hash["authorization_code"]
+        @customer_vault_id = hash["customerid"].to_i
+        @avs_response = hash["avs_response"]
+        @condition = hash["condition"]
+        action = hash["action"]
+        action = action.last unless action.is_a?(Hash)
+        @amount = action["amount"].to_f
+        @type = action["action_type"]
+        @response = action["success"].to_i if action.key?("success")
+        @response_code = action["response_code"].to_i if action.key?("response_code")
+        @response_text = action["response_text"]
+      end
+
+      def post(query)
+        response = self.class.post(query)
+        @response = response["response"].to_i if response.key?("response")
+        @response_code = response["response_code"].to_i if response.key?("response_code")
+        @response_text, @avs_response, @cvv_response = response["responsetext"], response["avsresponse"], response["cvvresponse"]
+        @dup_seconds, @order_id, @auth_code = response["dup_seconds"], response["orderid"], response["authcode"]
+        @transaction_id = response["transactionid"]
+      end
+
+      def customer_vault_is_checking?
+        !customer_vault.blank? && customer_vault.checking?
+      end
+
+      def finding_by_transaction_id?
+        !transaction_id.blank?
+      end
+
+      def is_validate?
+        !finding_by_transaction_id? && ('validate' == type.to_s)
+      end
+
+      def is_sale?
+        !finding_by_transaction_id? && (['sale', ''].include?(type.to_s))
+      end
+
+      def is_auth?
+        !finding_by_transaction_id? && ('auth' == type.to_s)
+      end
+
+      def is_void?
+        !customer_vault_is_checking? && ('void' == type.to_s)
+      end
+
+      def save_successful?
+        return if (success? || declined?)
+        self.errors.add(:response, response.to_s)
+        self.errors.add(:response_code, response_code.to_s)
+        self.errors.add(:response_text, response_text)
+      end
+
+      def voidable_transaction?
+        self.errors.add(:type, "Void is only a valid action for a pending or unsettled authorization, or an unsettled sale") if (finding_by_transaction_id? && !['pending', 'pendingsettlement'].include?(condition)) unless condition.blank?
+      end
+
+      def persisted?
+        self.errors.add(:type, "Void is only a valid action for a transaction that has already been sent to NMI") unless finding_by_transaction_id?
+      end
+  end
+end

data/lib/nmi_direct_post/version.rb

@@ -0,0 +1,3 @@
+module NmiDirectPost
+  VERSION = "0.2.0"
+end

data/nmi_direct_post.gemspec

@@ -0,0 +1,30 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'nmi_direct_post/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "nmi_direct_post"
+  spec.version       = NmiDirectPost::VERSION
+  spec.authors       = ["Isaac Betesh"]
+  spec.email         = ["iybetesh@gmail.com"]
+  spec.description   = %q{Gem that encapsulates the NMI Direct Post API in an ActiveRecord-like syntax}
+  spec.summary       = `cat README.md`
+  spec.homepage      = "https://github.com/betesh/nmi_direct_post"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", ">= 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "rspec-rails"
+  spec.add_development_dependency "simplecov"
+
+  spec.add_dependency 'addressable'
+  spec.add_dependency 'activemodel'
+  spec.add_dependency 'activesupport', ' >= 3.0'
+end

data/spec/base_spec.rb

@@ -0,0 +1,37 @@
+require_relative 'spec_helper'
+
+describe NmiDirectPost::Base do
+  def a_query
+    NmiDirectPost::CustomerVault.find_by_customer_vault_id(a_cc_customer_vault_id)
+  end
+  before(:each) do
+    NmiDirectPost::Base.establish_connection(nil, nil)
+    NmiDirectPost::CustomerVault.establish_connection(nil, nil)
+  end
+  let(:credentials) { TestCredentials::INSTANCE }
+  let(:a_cc_customer_vault_id) { credentials.cc_customer }
+  it "should raise exception when username is an empty string" do
+    NmiDirectPost::Base.establish_connection('', credentials.nmi_password)
+    expect{a_query}.to raise_error(StandardError, "Please set a username by calling NmiDirectPost::Base.establish_connection(ENV['NMI_USERNAME'], ENV['NMI_PASSWORD'])")
+  end
+  it "should raise exception when password is an empty string" do
+    NmiDirectPost::Base.establish_connection(credentials.nmi_username, nil)
+    expect{a_query}.to raise_error(StandardError, "Please set a username by calling NmiDirectPost::Base.establish_connection(ENV['NMI_USERNAME'], ENV['NMI_PASSWORD'])")
+  end
+  it "should raise exception when username is nil" do
+    NmiDirectPost::Base.establish_connection('', credentials.nmi_password)
+    expect{a_query}.to raise_error(StandardError, "Please set a username by calling NmiDirectPost::Base.establish_connection(ENV['NMI_USERNAME'], ENV['NMI_PASSWORD'])")
+  end
+  it "should raise exception when password is nil" do
+    NmiDirectPost::Base.establish_connection(credentials.nmi_username, nil)
+    expect{a_query}.to raise_error(StandardError, "Please set a username by calling NmiDirectPost::Base.establish_connection(ENV['NMI_USERNAME'], ENV['NMI_PASSWORD'])")
+  end
+  it "should find parent connection" do
+    NmiDirectPost::Base.establish_connection(credentials.nmi_username, credentials.nmi_password)
+    expect{a_query}.to_not raise_error
+  end
+  it "should find parent connection" do
+    NmiDirectPost::CustomerVault.establish_connection(credentials.nmi_username, credentials.nmi_password)
+    expect{a_query}.to_not raise_error
+  end
+end

data/spec/customer_vault_spec.rb

@@ -0,0 +1,243 @@
+require_relative 'spec_helper'
+
+describe NmiDirectPost::CustomerVault do
+  def get_new_email
+    "someone#{Random.rand(1..1000)}@example.com"
+  end
+
+  CV = NmiDirectPost::CustomerVault
+  let(:a_cc_customer_vault_id) { TestCredentials::INSTANCE.cc_customer }
+  let(:a_cc_customer) { CV.find_by_customer_vault_id(a_cc_customer_vault_id) }
+  let(:a_checking_account_customer_vault_id) { TestCredentials::INSTANCE.ach_customer }
+  let(:a_checking_account_customer) { CV.find_by_customer_vault_id(a_checking_account_customer_vault_id) }
+
+  before :all do
+    credentials = TestCredentials::INSTANCE
+    NmiDirectPost::Base.establish_connection(credentials.nmi_username, credentials.nmi_password)
+  end
+
+  describe "find_by_customer_vault_id" do
+    it "should find a customer vault" do
+      expect(a_cc_customer.customer_vault_id).to eq(a_cc_customer_vault_id)
+      expect(a_cc_customer.first_name).not_to be_nil
+      expect(a_cc_customer.last_name).not_to be_nil
+      expect(a_cc_customer.email).not_to be_nil
+    end
+
+    it "should raise exception when customer_vault_id is blank" do
+      expect{CV.find_by_customer_vault_id("")}.to raise_error(StandardError, "CustomerVaultID cannot be blank")
+    end
+
+    it "should return exception when no customer is found" do
+      expect(CV.find_by_customer_vault_id("123456")).to be_nil
+    end
+  end
+
+  describe "create" do
+    it "should not create a customer vault when no payment info is specified" do
+      new_email = get_new_email
+      @customer = CV.new(:first_name => "George", :last_name => "Washington")
+      expect(@customer.create).to eq(false)
+      expect(@customer.errors.full_messages).to eq(["Billing information Either :cc_number (a credit card number) and :cc_exp (the credit card expiration date), or :check_account, :check_aba (the routing number of the checking account) and :check_name (a nickname for the account), must be present"])
+    end
+
+    it "should not create a customer vault when a customer valut id is already present" do
+      new_email = get_new_email
+      @customer = CV.new(:first_name => "George", :last_name => "Washington", :cc_number => "4111111111111111", :cc_exp => "06/16", :customer_vault_id => a_cc_customer_vault_id)
+      expect(@customer.create).to eq(false)
+      expect(@customer.errors.full_messages).to eq(["Customer vault You cannot specify a Customer vault ID when creating a new customer vault.  NMI will assign one upon creating the record"])
+    end
+
+    it "should create a customer vault with an automatically assigned customer_vault_id when a credit card number and expiration date are specified" do
+      new_email = get_new_email
+      @customer = CV.new(:first_name => "George", :last_name => "Washington", :cc_number => "4111111111111111", :cc_exp => "06/16")
+      expect(@customer.create).to eq(true)
+      expect(@customer.destroy).to be_success
+      expect(@customer.cc_exp).to eq("06/16")
+    end
+
+    it "should create a customer vault with an automatically assigned customer_vault_id when a checking account number and routing number are specified" do
+      new_email = get_new_email
+      @customer = CV.new(:first_name => "George", :last_name => "Washington", :check_aba => "123123123", :check_account => "123123123", :check_name => "my checking account")
+      expect(@customer.create).to eq(true)
+      expect(@customer.destroy).to be_success
+    end
+
+    [[:cc_number, :check_name], [:cc_number, :check_account], [:cc_number, :check_aba], [:cc_exp, :check_name], [:cc_exp, :check_account], [:cc_exp, :check_aba]].each do |attrs|
+      attributes = {:first_name => "George", :last_name => "Washington", :cc_number => "4111111111111111", :cc_exp => "06/16", :check_aba => "123123123", :check_account => "123123123", :check_name => "my checking account"}
+      attributes.delete(attrs.first)
+      attributes.delete(attrs.last)
+      it "should not create a customer vault when missing #{attrs.first} and #{attrs.last}" do
+        new_email = get_new_email
+        @customer = CV.new(attributes)
+        expect(@customer.create).to eq(false)
+        expect(@customer.errors.full_messages).to eq(["Billing information Either :cc_number (a credit card number) and :cc_exp (the credit card expiration date), or :check_account, :check_aba (the routing number of the checking account) and :check_name (a nickname for the account), must be present"])
+      end
+    end
+  end
+
+  describe "save" do
+    it "should update the customer vault with new shipping_email when shipping_email is set before calling save!" do
+      new_email = get_new_email
+      a_cc_customer.shipping_email = new_email
+      a_cc_customer.save!
+      expect(a_cc_customer.response_text).to eq("Customer Update Successful")
+      expect(a_cc_customer).to be_success
+      expect(a_cc_customer.shipping_email).to eq(new_email)
+      expect(a_cc_customer.reload.shipping_email).to eq(new_email)
+    end
+  end
+
+  describe "update" do
+    it "should update the customer vault with new merchant_defined_fields" do
+      new_field_1 = Random.rand(1..1000)
+      new_field_2 = Random.rand(1..1000)
+      a_cc_customer.update!(:merchant_defined_field_1 => new_field_1, :merchant_defined_field_2 => new_field_2)
+      expect(a_cc_customer.response_text).to eq("Customer Update Successful")
+      expect(a_cc_customer).to be_success
+      a_cc_customer.reload
+      expect(a_cc_customer.merchant_defined_field_1).to eq(new_field_1.to_s)
+      expect(a_cc_customer.merchant_defined_field_2).to eq(new_field_2.to_s)
+    end
+
+    it "should update the customer vault with new shipping_email when shipping_email is passed to update!" do
+      new_email = get_new_email
+      a_cc_customer.update!(:shipping_email => new_email)
+      expect(a_cc_customer.response_text).to eq("Customer Update Successful")
+      expect(a_cc_customer).to be_success
+      expect(a_cc_customer.shipping_email).to eq(new_email)
+      expect(a_cc_customer.reload.shipping_email).to eq(new_email)
+    end
+
+    it "should not update the customer vault with new shipping_email when shipping_email is set before calling update!" do
+      new_email = get_new_email
+      new_address = "#{Random.rand(1..1000)} Sesame Street"
+      old_email = a_cc_customer.shipping_email
+      a_cc_customer.shipping_email = new_email
+      a_cc_customer.update!(:shipping_address_1 => new_address)
+      expect(a_cc_customer.response_text).to eq("Customer Update Successful")
+      expect(a_cc_customer).to be_success
+      expect(a_cc_customer.shipping_email).to eq(new_email)
+      expect(a_cc_customer.reload.shipping_email).to eq(old_email)
+    end
+
+    it "should not allow updating the customer_vault_id" do
+      new_email = get_new_email
+      expect{a_cc_customer.update!(:customer_vault_id => '')}.to raise_error(NmiDirectPost::MassAssignmentSecurity::Error, "Cannot mass-assign the following attributes: customer_vault_id")
+    end
+
+    it "should not interfere with other set variables" do
+      new_email = get_new_email
+      new_address = "#{Random.rand(1..1000)} Sesame Street"
+      old_email = a_cc_customer.shipping_email
+      a_cc_customer.shipping_email = new_email
+      a_cc_customer.update!(:shipping_address_1 => new_address)
+      expect(a_cc_customer.response_text).to eq("Customer Update Successful")
+      expect(a_cc_customer).to be_success
+      expect(a_cc_customer.shipping_email).to eq(new_email)
+      a_cc_customer.save!
+      expect(a_cc_customer.reload.shipping_email).to eq(new_email)
+    end
+  end
+
+  describe "reload" do
+    it "should not reload if customer vault id is missing" do
+      @customer = CV.new({})
+      expect(@customer.customer_vault_id).to be_nil
+      @customer.reload
+      expect(@customer).not_to be_success
+      expect(@customer.response).to be_nil
+      expect(@customer.errors.full_messages).to eq(["Customer vault You must specify a Customer vault ID when looking up an individual customer vault"])
+    end
+  end
+
+  describe "first/last/all" do
+    before(:all) do
+      @all_ids = CV.all_ids
+    end
+    it "should get all ids" do
+      expect(@all_ids).to be_a(Array)
+      expect(@all_ids).to eq(@all_ids.uniq)
+      @all_ids.each do |id|
+        expect(id).to be_a(Fixnum)
+      end
+    end
+
+    it "should get the first customer vault" do
+      expected = CV.find_by_customer_vault_id(@all_ids.first)
+      first = CV.first
+      expect(first).to be_a(CV)
+      expect(first).to have_same_attributes_as(expected)
+    end
+
+    it "should get the last customer vault" do
+      expected = CV.find_by_customer_vault_id(@all_ids.last)
+      last = CV.last
+      expect(last).to be_a(CV)
+      expect(last).to have_same_attributes_as(expected)
+    end
+
+    it "should get all customer vaults" do
+      customers = CV.all
+      expect(customers.count).to eq(@all_ids.count)
+      customers.each do |customer|
+        expect(customer).to be_a(CV)
+        expect(customer.customer_vault_id).not_to be_nil
+      end
+    end
+  end
+
+  describe "cc_hash" do
+    it "should not be settable" do
+      expect(a_cc_customer.respond_to?('cc_hash=')).to eq(false)
+    end
+    it "should be a string on a CC customer" do
+      expect(a_cc_customer.cc_hash).to be_a(String)
+    end
+    it "should be nil on a checking customer" do
+      expect(a_checking_account_customer.cc_hash).to be_nil
+    end
+    it "should not be allowed in a mass assignment update" do
+      expect{a_cc_customer.update!(:cc_hash => 'abcdefg')}.to raise_error(NmiDirectPost::MassAssignmentSecurity::Error, 'Cannot mass-assign the following attributes: cc_hash')
+    end
+    it "should not be allowed when initialized" do
+      expect{CV.new(:first_name => "George", :last_name => "Washington", :cc_number => "4111111111111111", :cc_exp => "06/16", :cc_hash => 'abcdefg')}.to raise_error(NmiDirectPost::MassAssignmentSecurity::Error, 'Cannot mass-assign the following attributes: cc_hash')
+    end
+  end
+
+  describe "check_hash" do
+    it "should not be settable" do
+      expect(a_cc_customer.respond_to?('check_hash=')).to eq(false)
+    end
+    it "should be a string on a CC customer" do
+      expect(a_checking_account_customer.check_hash).to be_a(String)
+    end
+    it "should be nil on a checking customer" do
+      expect(a_cc_customer.check_hash).to be_nil
+    end
+    it "should not be allowed in a mass assignment update" do
+      expect{a_cc_customer.update!(:check_hash => 'abcdefg')}.to raise_error(NmiDirectPost::MassAssignmentSecurity::Error, 'Cannot mass-assign the following attributes: check_hash')
+    end
+    it "should not be allowed when initialized" do
+      expect{CV.new(:first_name => "George", :last_name => "Washington", :cc_number => "4111111111111111", :cc_exp => "06/16", :check_hash => 'abcdefg')}.to raise_error(NmiDirectPost::MassAssignmentSecurity::Error, 'Cannot mass-assign the following attributes: check_hash')
+    end
+  end
+
+  describe "checking?" do
+    it "should be true for a checking account customer" do
+      expect(a_checking_account_customer).to be_checking
+    end
+    it "should be false for a CC customer" do
+      expect(a_cc_customer).not_to be_checking
+    end
+  end
+
+  describe "credit_card?" do
+    it "should be true for a CC customer" do
+      expect(a_cc_customer).to be_credit_card
+    end
+    it "should be false for a checking account customer" do
+      expect(a_checking_account_customer).not_to be_credit_card
+    end
+  end
+end